No kidding. I get dozens of automated attempts each week on every contact form for every website I host. I routinely go through and modify new sites to prevent this. I used to have it notify me of attempts but it was turning into a flood. I'm assuming that our governments are working hard to get to the root cause of this kind of behaviour and lock em up, but you don't hear about it happening very often. Even then their zombies go on trying. *Justin Cook* Developer http://www.skull.co.nz/ *Skype* justincookskull skype:justincookskull?call My status skype:justincookskull?call Simon Garner wrote:
On 15/06/2006 10:09 a.m., Ewen McNeill wrote:
In message <1150318480.2779.3.camel(a)agree-17>, Glen Eustace writes:
On Thu, 2006-06-15 at 08:02 +1200, Justin Cook wrote:
He's offering Squirrelmail. I've seen squirrelmail used to relay spam lately (some of it using my domain as the return address, grr.) [...]
We have been a victim of this several times in the last couple of months.
It's not just squirrelmail either.
I have a client with a webmail system that has been abused in a similar manner to send spam.
Ditto. Many PHP applications that make use of the mail() function are incorrectly coded and are vulnerable to header injection attacks, including older versions of squirrelmail and horde/imp.
Refer: http://www.securephpwiki.com/index.php/Email_Injection
-Simon
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog